Advisories ยป MGASA-2017-0091

Updated glibc packages fix security vulnerability

Publication date: 27 Mar 2017
Modification date: 27 Mar 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-5180 , CVE-2016-5417

Description

Florian Weimer discovered a NULL pointer dereference in the DNS
resolver of the GNU C Library. An attacker could use this to cause
a denial of service (CVE-2015-5180).

Tim Ruehsen discovered that the getaddrinfo() implementation in the
GNU C Library did not properly track memory allocations. An attacker
could use this to cause a denial of service (CVE-2016-5417).
                

References

SRPMS

5/core